CVE-2025-68223

drm/radeon: delete radeon_fence_process in is_signaled, no deadlock

Published: 12/16/2025 Last updated: 2/6/2026 Reserved: 12/16/2025

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fence_ops::signaled can be called with the fence lock in unknown state. For radeon, the fence lock is also the wait queue lock. This can cause a self deadlock when signaled() tries to make forward progress on the wait queue. But advancing the queue is unneeded because incorrectly returning false from signaled() is perfectly acceptable. (cherry picked from commit 527ba26e50ec2ca2be9c7c82f3ad42998a75d0db)

CNA assigner: Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (3)

Product	Vendor	Version
Linux	Linux	< 1.24.0-rc.2
Linux	Linux	10.5(2)
Linux	Linux	< b5162bb6aa1ec04dff4509b025883524b6d7e7ca

CVE-2025-68223

drm/radeon: delete radeon_fence_process in is_signaled, no deadlock

Opam packages affected (29)

Products affected (3)

References (10)